diff options
author | makefu <github@syntax-fehler.de> | 2022-09-23 22:25:15 +0200 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2022-09-23 22:25:15 +0200 |
commit | 57eceb7c056f90da0bc107e73795967e76ad92bf (patch) | |
tree | 7087e89c115ff4a97f74ca629d5e59e740b04b25 /tv/2configs | |
parent | 092e42f7370b604ba05eda9b3ab1e07c91541d9a (diff) | |
parent | 55957c6d6adb51d2079c117c1e7309c60ee0fe0f (diff) |
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'tv/2configs')
-rw-r--r-- | tv/2configs/bash/default.nix | 2 | ||||
-rw-r--r-- | tv/2configs/binary-cache/default.nix | 24 | ||||
-rw-r--r-- | tv/2configs/gitrepos.nix | 2 | ||||
-rw-r--r-- | tv/2configs/nginx/default.nix | 15 |
4 files changed, 16 insertions, 27 deletions
diff --git a/tv/2configs/bash/default.nix b/tv/2configs/bash/default.nix index 42914e060..92e2499a9 100644 --- a/tv/2configs/bash/default.nix +++ b/tv/2configs/bash/default.nix @@ -6,7 +6,7 @@ with import <stockholm/lib>; programs.bash = { interactiveShellInit = /* sh */ '' HISTCONTROL='erasedups:ignorespace' - HISTSIZE=65536 + HISTSIZE=900001 HISTFILESIZE=$HISTSIZE HISTTIMEFORMAT= diff --git a/tv/2configs/binary-cache/default.nix b/tv/2configs/binary-cache/default.nix index f6eaba36f..58791f4f6 100644 --- a/tv/2configs/binary-cache/default.nix +++ b/tv/2configs/binary-cache/default.nix @@ -3,24 +3,15 @@ environment.etc."binary-cache.pubkey".text = config.krebs.build.host.binary-cache.pubkey; + nixpkgs.overlays = [ + (self: super: { + nix-serve = self.haskellPackages.nix-serve-ng; + }) + ]; + services.nix-serve = { enable = true; - secretKeyFile = config.krebs.secret.files.binary-cache-seckey.path; - }; - - systemd.services.nix-serve = { - after = [ - config.krebs.secret.files.binary-cache-seckey.service - ]; - partOf = [ - config.krebs.secret.files.binary-cache-seckey.service - ]; - }; - - krebs.secret.files.binary-cache-seckey = { - path = "/run/secret/nix-serve.key"; - owner.name = "nix-serve"; - source-path = toString <secrets> + "/nix-serve.key"; + secretKeyFile = toString <secrets> + "/nix-serve.key"; }; services.nginx = { @@ -28,6 +19,7 @@ virtualHosts.nix-serve = { serverAliases = [ "cache.${config.krebs.build.host.name}.hkw" + "cache.${config.krebs.build.host.name}.r" ]; locations."/".extraConfig = '' proxy_pass http://localhost:${toString config.services.nix-serve.port}; diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix index 4d22fdff5..50444c1ee 100644 --- a/tv/2configs/gitrepos.nix +++ b/tv/2configs/gitrepos.nix @@ -109,7 +109,6 @@ let { }; q = {}; reaktor2 = {}; - regfish = {}; stockholm = { cgit.desc = "NixOS configuration"; }; @@ -156,6 +155,7 @@ let { painload = {}; push = {}; Reaktor = {}; + regfish = {}; with-tmpdir = {}; get = {}; load-env = {}; diff --git a/tv/2configs/nginx/default.nix b/tv/2configs/nginx/default.nix index b0acb9435..efea3a844 100644 --- a/tv/2configs/nginx/default.nix +++ b/tv/2configs/nginx/default.nix @@ -4,22 +4,19 @@ with import <stockholm/lib>; { services.nginx = { + enableReload = true; + recommendedGzipSettings = true; recommendedOptimisation = true; recommendedTlsSettings = true; - virtualHosts._http = { + virtualHosts.${toJSON ""} = { default = true; extraConfig = '' - return 404; - ''; - }; - - virtualHosts.default = { - locations."= /etc/os-release".extraConfig = '' - default_type text/plain; - alias /etc/os-release; + error_page 400 =444 /; + return 444; ''; + rejectSSL = true; }; }; tv.iptables = { |